7.6
CVE-2025-22533 - WordPress WOOEXIM Plugin <= 5.0.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0.
5.4
CVE-2025-22534 - WordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ella Van Durpe Slides & Presentations slide allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slides & Presentations: from n/a through <= 0.0.39.
7.6
CVE-2025-22536 - WordPress WP Music Player Plugin <= 1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hiren.sabd WP Music Player wp-music-player allows SQL Injection.This issue affects WP Music Player: from n/a through <= 1.3.
7.1
CVE-2025-22538 - WordPress Virtual Bot Plugin <= 1.0.0 - CSRF Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ofek Nakar Virtual Bot virtual-bot allows Stored XSS.This issue affects Virtual Bot: from n/a through <= 1.0.0.
5.4
CVE-2025-22541 - WordPress WP Delete Post Copies plugin <= 5.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in etruel WP Delete Post Copies etruel-del-post-copies allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Delete Post Copies: from n/a through <= 5.5.
5.4
CVE-2025-22543 - WordPress ST Gallery WP plugin <= 1.0.8 - Settings Change vulnerability
Missing Authorization vulnerability in beautifultemplates ST Gallery WP st-gallery-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ST Gallery WP: from n/a through <= 1.0.8.
6.5
CVE-2025-22544 - WordPress Mind Doodle Visual Sitemaps & Tasks plugin <= 1.6 - Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mind Doodle Mind Doodle Visual Sitemaps & Tasks mind-doodle-sitemap allows Stored XSS.This issue affects Mind Doodle Visual Sitemaps & Tasks: from n/a through <= 1.6.
6.5
CVE-2025-22545 - WordPress iframe to embed plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sw.galati iframe to embed iframe-to-embed allows Stored XSS.This issue affects iframe to embed: from n/a through <= 1.2.
6.5
CVE-2025-22546 - WordPress jQuery TwentyTwenty plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Obaid Hossain jQuery TwentyTwenty js-twentytwenty allows Stored XSS.This issue affects jQuery TwentyTwenty: from n/a through <= 1.0.
7.1
CVE-2025-22547 - WordPress JK Html To Pdf plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jaykrishnang JK Html To Pdf jk-html-to-pdf allows Stored XSS.This issue affects JK Html To Pdf: from n/a through <= 1.0.0.